Password Management: Balancing Security and Ease-of-Business

There are two points each of us has to deal with whenever we log on to our computers: security and ease-of-business. The two may seem to be mutually exclusive, but they must work together for any of us to be effective.

All of us deal with password issues. Don’t you just hate it when you are asked to change your password and you get a warning that your password is “weak?” We all deal with multiple companies when we are paying bills online and keeping those log-ins straight takes organization.

The issue of password management is even more critical for independent agencies who not only work with multiple insurance carriers, but with vendors, MGAs and others. The issue of password management has been simmering for a while and is now garnering the attention carriers and agents feel it desperately needs.

Security is a priority because confidential data is being passed between the carrier and the agency and no one wants to think that a list of passwords offering access to your private information is “hidden” in the unlocked desk drawer of the CSR or gone unchanged even though a third of the staff has turned over in the last two months.

Password management comes down to two issues, according to Ted Joyce, a director of XD Net, the Nexsure user group who represents XD Net with the ACORD User Group Information Exchange (AUGIE).

One issue is to make the system manageable—which is not currently the case—and the second is to have an automated management system.

“What we are hoping for it that password management would evolve to where it would automatically connect to each of our partners so that once Company X verifies this is Ted Joyce’s agency, than everyone connected with Ted will automatically be identified and verified so wedon’t have to manage all the passwords,” Joyce says. “All I’ll have to do is manage my system, and be identified once.”

Joyce believes this is one of the issues carriers need to respond to if they truly believe they are easy to do business with from workflow and pure agency managementstandpoints.

As for the security issues, Joyce points out if a lower level person leaves the agency it might mean changing four or five passwords, but if it is a higher level producer there may be 20 or 25 passwords that need to be changed.

“You can’t disconnect them in one fell swoop,” says Joyce. “You have to do them all individually. What happens if you miss one and unfortunately that person has an axe to grind? You and your carrier partner are at risk. That not only affects you, it affects a client or a prospect. You can see the great payback on this and it’s critical to getdone.”

One step in the right direction has been the establishment of the ID Federation, which not only has the support of the major agency management system vendors, but has leading insurers such as Progressive, The Hartford, Hanover and others looking for a solution.

The mission statement of the ID Federation is simple: “Our mission is to provide our industry with common legal and technicalstandards, which will remove the need for multiple passwords while increasing security and the ease of doing business with one another.”

Sounds simple, but it takes a firm commitment to serve your business partners and a trust in your competitors to get everyone on equal footing. A mission such as this requires patience, but let’s hopes it doesn’t take too long to realize the value in store for each of them.

Featured Topics

The branch director at Elliott Insurance Group, Springhill, Kan., discusses smart underwriting, the biggest difference between working as an underwriter and as an agent, and the importance of a personal touch in times of crisis.